16007: Refactoring and update comments.
[arvados.git] / services / api / test / integration / users_test.rb
index ee230d5140071c2c8cf5ae1dd961fe8663f115b2..b24ddc5a52c02c495b14f9871763411fa4ccbea8 100644 (file)
@@ -326,7 +326,7 @@ class UsersTest < ActionDispatch::IntegrationTest
 
   end
 
-  test "cannot set is_activate to false directly" do
+  test "cannot set is_active to false directly" do
     post('/arvados/v1/users',
       params: {
         user: {
@@ -339,6 +339,14 @@ class UsersTest < ActionDispatch::IntegrationTest
     user = json_response
     assert_equal false, user['is_active']
 
+    token = act_as_system_user do
+      ApiClientAuthorization.create!(user: User.find_by_uuid(user['uuid']), api_client: ApiClient.all.first).api_token
+    end
+    post("/arvados/v1/user_agreements/sign",
+        params: {uuid: 'zzzzz-4zz18-t68oksiu9m80s4y'},
+        headers: {"HTTP_AUTHORIZATION" => "Bearer #{token}"})
+    assert_response :success
+
     post("/arvados/v1/users/#{user['uuid']}/activate",
       params: {},
       headers: auth(:admin))
@@ -440,5 +448,22 @@ class UsersTest < ActionDispatch::IntegrationTest
     assert_match(/Cannot activate without being invited/, json_response['errors'][0])
   end
 
+  test "bypass_federation only accepted for admins" do
+    get "/arvados/v1/users",
+      params: {
+        bypass_federation: true
+      },
+      headers: auth(:admin)
+
+    assert_response :success
+
+    get "/arvados/v1/users",
+      params: {
+        bypass_federation: true
+      },
+      headers: auth(:active)
+
+    assert_response 403
+  end
 
 end